Uploaded image for project: 'Magnolia'
  1. Magnolia
  2. MAGNOLIA-6686

System context operations hide the real user who triggered them

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Neutral Neutral
    • 5.5
    • 5.3.9, 5.4.7
    • security
    • Kromeriz 54
    • 5

      When a system user changes the password of any user through Security app, no track of the system user that made the change is stored in log-audit, always systemUser is set.

      It seems that the update is being done in the system context and because of that reason the user is not being written down:

      private static String getUser() {
        if (MgnlContext.isSystemInstance()) {
            return "SystemUser";
        }
        try {
            if(MgnlContext.hasInstance() && MgnlContext.getUser() != null) {
                return MgnlContext.getUser().getName();
            }
        }catch (Exception e) {
            return "system user";
        }
        return "user not set";
    }

      I tested it in Magnolia 5.3.9 and Magnolia 5.4.7 (demoauthor.magnolia-cms.com)

      More information can be found in linked ticket (SUPPORT-6040)

        Acceptance criteria

              ajuran AntonĂ­n Juran
              miruela Mercedes Iruela
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved:

                  Bug DoR
                  Task DoD

                    Estimated:
                    Original Estimate - Not Specified
                    Not Specified
                    Remaining:
                    Remaining Estimate - 0d
                    0d
                    Logged:
                    Time Spent - 0.5h
                    0.5h